eec8c28fb3
changed perms
Go Benchmark / Performance Regression Check (push) Waiting to run
Cerberus Integration / Cerberus Security Stack Integration (push) Waiting to run
Upload Coverage to Codecov / Backend Codecov Upload (push) Waiting to run
Upload Coverage to Codecov / Frontend Codecov Upload (push) Waiting to run
CodeQL - Analyze / CodeQL analysis (go) (push) Waiting to run
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Waiting to run
CrowdSec Integration / CrowdSec Bouncer Integration (push) Waiting to run
Docker Build, Publish & Test / build-and-push (push) Waiting to run
Docker Build, Publish & Test / Security Scan PR Image (push) Blocked by required conditions
Quality Checks / Auth Route Protection Contract (push) Waiting to run
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Waiting to run
Quality Checks / Backend (Go) (push) Waiting to run
Quality Checks / Frontend (React) (push) Waiting to run
Rate Limit integration / Rate Limiting Integration (push) Waiting to run
Security Scan (PR) / Trivy Binary Scan (push) Waiting to run
Supply Chain Verification (PR) / Verify Supply Chain (push) Waiting to run
WAF integration / Coraza WAF Integration (push) Waiting to run
2026-04-22 18:19:14 +00:00
Jeremy
a8cd4bf34c
Merge branch 'feature/beta-release' into development
2026-04-20 12:17:15 -04:00
Jeremy
26a75f5fe3
Merge branch 'development' into main
2026-04-20 08:26:40 -04:00
Wikid82
6509bb5d1b
chore(docker): update GeoLite2-Country.mmdb checksum
...
Automated checksum update for GeoLite2-Country.mmdb database.
Old: b018842033872f19ed9ccefb863ec954f8024db2ae913d0d4ea14e35ace4eba1
New: 62049119bd084e19fff4689bebe258f18a5f27a386e6d26ba5180941b613fc2b
Auto-generated by: .github/workflows/update-geolite2.yml
2026-04-20 02:58:45 +00:00
renovate[bot]
aa6c751007
fix(deps): update non-major-updates
2026-04-17 20:39:46 +00:00
renovate[bot]
34903cdd49
chore(deps): update node.js to 8510330
2026-04-16 13:26:43 +00:00
renovate[bot]
98c720987d
chore(deps): update non-major-updates
2026-04-16 13:26:37 +00:00
GitHub Actions
ea3d93253f
fix: update CADDY_SECURITY_VERSION to 1.1.62 for improved security
2026-04-13 13:10:40 +00:00
Jeremy
ef44ae40ec
Merge branch 'development' into feature/beta-release
2026-04-13 08:49:52 -04:00
Jeremy
83b361ae57
Merge pull request #938 from Wikid82/nightly
...
Weekly: Promote nightly to main (2026-04-13)
2026-04-13 08:48:06 -04:00
GitHub Actions
48f6b7a12b
fix: update Dockerfile to include musl and musl-utils in apk upgrade for improved compatibility
2026-04-13 04:40:02 +00:00
GitHub Actions
9dc55675ca
fix: update Coraza Caddy version to 2.5.0 for compatibility
2026-04-13 04:01:31 +00:00
Wikid82
00ba5b3650
chore(docker): update GeoLite2-Country.mmdb checksum
...
Automated checksum update for GeoLite2-Country.mmdb database.
Old: f5e80a9a3129d46e75c8cccd66bfac725b0449a6c89ba5093a16561d58f20bda
New: b018842033872f19ed9ccefb863ec954f8024db2ae913d0d4ea14e35ace4eba1
Auto-generated by: .github/workflows/update-geolite2.yml
2026-04-13 02:59:03 +00:00
GitHub Actions
bb99dacecd
fix: update zlib and add libcrypto3 and libssl3 for improved security
2026-04-11 17:33:44 +00:00
GitHub Actions
9e82efd23a
fix: downgrade delve version from 1.26.2 to 1.26.1 for compatibility
2026-04-11 00:11:25 +00:00
GitHub Actions
a439e1d467
fix: add git to Dockerfile dependencies for improved build capabilities
2026-04-10 21:03:54 +00:00
GitHub Actions
059ff9c6b4
fix: update Go version from 1.26.1 to 1.26.2 in Dockerfile and documentation for security improvements
2026-04-10 20:48:46 +00:00
renovate[bot]
ed9d6fe5d8
fix(deps): update non-major-updates
2026-04-10 15:11:47 +00:00
GitHub Actions
615e5a95f5
fix: downgrade pgx/v4 to v4.18.3 to address buffer overflow vulnerability
2026-04-09 19:09:25 +00:00
renovate[bot]
f05c24dd66
chore(deps): update module github.com/jackc/pgx/v4 to v5
2026-04-09 18:24:32 +00:00
GitHub Actions
580e20d573
fix: resolve 5 HIGH-severity CVEs blocking nightly container image scan
...
Patch vulnerable transitive dependencies across all three compiled
binaries in the Docker image (backend, Caddy, CrowdSec):
- go-jose/v3 and v4: JOSE/JWT validation bypass (CVE-2026-34986)
- otel/sdk: resource leak in OpenTelemetry SDK (CVE-2026-39883)
- pgproto3/v2: buffer overflow via pgx/v4 bump (CVE-2026-32286)
- AWS SDK v2: event stream injection in CrowdSec deps (GHSA-xmrv-pmrh-hhx2)
- OTel HTTP exporters: request smuggling (CVE-2026-39882)
- gRPC: bumped to v1.80.0 for transitive go-jose/v4 resolution
All Dockerfile patches include Renovate annotations for automated
future tracking. Renovate config extended to cover Go version and
GitHub Action refs in skill example workflows, preventing version
drift in non-CI files. SECURITY.md updated with pre-existing Alpine
base image CVE (no upstream fix available).
Nightly Go stdlib CVEs (1.26.1) self-heal on next development sync;
example workflow pinned to 1.26.2 for correctness.
2026-04-09 17:24:25 +00:00
renovate[bot]
73565e0e0d
fix(deps): update non-major-updates
2026-04-09 09:20:57 +00:00
Jeremy
79f0080c80
Merge pull request #915 from Wikid82/main
...
Propagate changes from main into development
2026-04-06 01:07:49 -04:00
Wikid82
f5ab2cddd8
chore(docker): update GeoLite2-Country.mmdb checksum
...
Automated checksum update for GeoLite2-Country.mmdb database.
Old: 7840f4b8891e7c866f948d4b020cdc12aeea51b09450b44ad96d1f14f6e32879
New: f5e80a9a3129d46e75c8cccd66bfac725b0449a6c89ba5093a16561d58f20bda
Auto-generated by: .github/workflows/update-geolite2.yml
2026-04-06 02:58:45 +00:00
Jeremy
d0deef1537
Merge branch 'development' into feature/beta-release
2026-04-03 21:08:07 -04:00
renovate[bot]
b45861090d
fix(deps): update non-major-updates
2026-04-04 00:58:06 +00:00
GitHub Actions
29985714a3
fix: update CORAZA_CADDY_VERSION to 2.4.0 for compatibility improvements
2026-04-03 22:39:40 +00:00
GitHub Actions
64c9d7adbe
fix: update CADDY_SECURITY_VERSION to 1.1.61 for security improvements
2026-04-03 22:38:28 +00:00
renovate[bot]
543388b5a4
fix(deps): update non-major-updates
2026-03-31 01:08:59 +00:00
GitHub Actions
0a43a76a4a
fix: update CROWDSEC_VERSION to 1.7.7 for compatibility improvements
2026-03-30 22:20:37 +00:00
GitHub Actions
c852838644
fix: update CORAZA_CADDY_VERSION to 2.3.0 for compatibility improvements
2026-03-30 22:19:49 +00:00
GitHub Actions
9740ddb813
fix: update CADDY_SECURITY_VERSION to 1.1.57 for security improvements
2026-03-30 22:19:07 +00:00
Jeremy
ecf314b2e5
Merge branch 'main' into bot/update-geolite2-checksum
2026-03-30 17:56:36 -04:00
Wikid82
e32f3dfb57
chore(docker): update GeoLite2-Country.mmdb checksum
...
Automated checksum update for GeoLite2-Country.mmdb database.
Old: c6549807950f93f609d6433fa295fa517fbdec0ad975a4aafba69c136d5d2347
New: 7840f4b8891e7c866f948d4b020cdc12aeea51b09450b44ad96d1f14f6e32879
Auto-generated by: .github/workflows/update-geolite2.yml
2026-03-30 02:58:26 +00:00
GitHub Actions
f40fca844f
fix: update CADDY_SECURITY_VERSION to 1.1.53 for security improvements
2026-03-25 20:47:46 +00:00
GitHub Actions
0a4ac41242
fix: update CADDY_SECURITY_VERSION to 1.1.52 for security improvements
2026-03-25 19:34:48 +00:00
GitHub Actions
8702d7b76d
fix(deps): update CADDY_SECURITY_VERSION to 1.1.51 for security improvements
2026-03-25 04:10:05 +00:00
Jeremy
6c6c3f3373
Merge pull request #880 from Wikid82/main
...
Propagate changes from main into development
2026-03-24 02:41:00 -04:00
Wikid82
6fc4409513
chore(docker): update GeoLite2-Country.mmdb checksum
...
Automated checksum update for GeoLite2-Country.mmdb database.
Old: aa154fc6bcd712644de232a4abcdd07dac1f801308c0b6f93dbc2b375443da7b
New: c6549807950f93f609d6433fa295fa517fbdec0ad975a4aafba69c136d5d2347
Auto-generated by: .github/workflows/update-geolite2.yml
2026-03-23 02:57:35 +00:00
GitHub Actions
68d21fc20b
fix: patch CVE-2026-30836 in Caddy build by pinning smallstep/certificates to v0.30.0
2026-03-20 04:15:29 +00:00
GitHub Actions
5bf7b54496
chore: proactively pin grpc and goxmldsig in Docker builder stages to patch embedded binary CVEs
2026-03-19 18:18:28 +00:00
GitHub Actions
19b388d865
fix: update Caddy security version to 1.1.50 in Dockerfile
2026-03-18 22:11:50 +00:00
renovate[bot]
4c375ad86f
chore(deps): update module github.com/greenpau/caddy-security to v1.1.49
2026-03-18 02:33:53 +00:00
GitHub Actions
8b0011f6c6
fix(ci): enhance rate limit integration test reliability
...
- Added HTTP status checks for login and security config POST requests to ensure proper error handling.
- Implemented a readiness gate for the Caddy admin API before applying security configurations.
- Increased sleep duration before verifying rate limit handler to accommodate Caddy's configuration propagation.
- Changed verification failure from a warning to a hard exit to prevent misleading test results.
- Updated Caddy admin API URL to use the canonical trailing slash in multiple locations.
- Adjusted retry parameters for rate limit verification to reduce polling noise.
- Removed stale GeoIP checksum validation from the Dockerfile's non-CI path to simplify the build process.
2026-03-17 14:05:25 +00:00
Jeremy
ec1b79c2b7
Merge branch 'development' into feature/beta-release
2026-03-16 08:30:45 -04:00
renovate[bot]
edd7405313
chore(deps): update non-major-updates
2026-03-16 12:28:25 +00:00
GitHub Actions
79800871fa
fix: harden frontend-builder with npm upgrade to mitigate bundled CVEs
2026-03-16 12:26:55 +00:00
Jeremy
34d5cca972
Merge branch 'main' into nightly
2026-03-16 07:35:56 -04:00
Wikid82
3570c05805
chore(docker): update GeoLite2-Country.mmdb checksum
...
Automated checksum update for GeoLite2-Country.mmdb database.
Old: b79afc28a0a52f89c15e8d92b05c173f314dd4f687719f96cf921012d900fcce
New: aa154fc6bcd712644de232a4abcdd07dac1f801308c0b6f93dbc2b375443da7b
Auto-generated by: .github/workflows/update-geolite2.yml
2026-03-16 02:58:27 +00:00
GitHub Actions
b66cc34e1c
fix: update Caddy security version to 1.1.48 in Dockerfile
2026-03-15 20:49:53 +00:00
